Error when accessing datastore. Unable to access data because it does not exist, is behind a virtual network, or you do not have Storage Blob Data Reader role on this storage account.

Question

Error when accessing datastore. Unable to access data because it does not exist, is behind a virtual network, or you do not have Storage Blob Data Reader role on this storage account.

workspaceartifactstore data store authentication type updated with managed Identity. And i have updated the AML workspace details in Storage Account as Contributor and Storage Blob Data Contributor.

But still i'm seeing the exception while browsing data preview.

Answer 1

@Murali Relamadugu I have seen the following message while trying to update the same setting on my default workspaceartifactstore.

We could not verify whether the workspace managed identity has sufficient permissions on the resource to enable data access.Please ensure the following permissions have been assigned to the workspace managed service identity on the resource:

• Microsoft.Storage/storageAccounts/read must be assigned on the resource.
• Microsoft.Storage/storageAccounts/blobServices/containers/read must be assigned on the resource.
• Microsoft.Network/privateEndpoints/read must be assigned on the resource.
• Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read must be assigned on the resource.

I think the access you have provided should cover all the above permissions except for privateEndpoints/read.

Also, this feature is for cases where your workspace is secured with a virtual network and you want to use the studio to preview data, is this the scenario in your case where the workspace is secured in a different virtual network?